June 2019
Beginner to intermediate
660 pages
14h 30m
English
The code caving technique is generally used when backdoors are kept hidden inside free space within the program executables and library files. The method masks the backdoor that is typically inside an empty memory region and then patches the binary to make a start from the backdoor itself. Let's patch the CryptBase DLL file as follows:

The backdoor factory is shipped along with Kali Linux. We have used the -f switch to define the DLL file to be backdoored and the -S switch to specify the payload. The -H and -P denote the host and port, respectively, while the -o switch specifies the output file.
Read now
Unlock full access